Bleeping Computer reports that 29,139 Mac devices across the world, including the US, Canada and Germany, have been infected with a new macOS malware known as Silver Sparrow.
According to Red Canary researchers, the new malware has been distributed as files named 'update.pkg' [VirusTotal] or 'updater.pkg' [VirusTotal], with the update.pkg including both an Apple M1 and an Intel x86_64 binary, while the updater.pkg only has the executable Intel file.
They could not find the real purpose of the malware and "[we] have no way of knowing with certainty what payload would be distributed by the malware, if a payload has already been delivered and removed, or if the adversary has a future timeline for distribution," the Red Canary report stated.
Malwarebytes' Thomas Reed said they have no idea how Silver Sparrow is installed. "We don’t know how users would have initially found that installer. In fact, I’m a bit skeptical that it may even still be in distribution, in this form, at least," he added.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
More details regarding state and local governments' vulnerability assessment measures have been sought by Deputy National Security Advisor for Cyber and Emerging Technologies.
Included in the sanctioned firms are cryptocurrency exchanges Bitpapa IC FZC LLC and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey, or TOEP, both of which supported money laundering efforts by Hydra Market.
Wuhan XRZ, a tech firm suspected to be linked to Chinese state-sponsored threat group APT31, and seven other individuals have been sanctioned and indicted by the U.S. for their involvement in a widespread operation targeting U.S. officials and U.S.-based dissidents.